I have a website for university timetable connected to microsoft sql server, there I have django table auth_user. Users can't register by themselves, university provides them with username and password. So in the table auth_user I have to fill data manually, but how can I fill the field which is responsible for password since it has to be hashed? I found only way to set password is to log in as admin, and change passwords in admin site, but that is not quite correct in terms of working with database as if I had to fill more than 100 students, it would be tiresome to do so. Maybe there is another approach to fill passwords directly in the database?
You can set the password for a user in Django by using the set_password method
from django.contrib.auth.models import User
u = User.objects.get(username='john')
u.set_password('new password')
u.save()
Related
I have application where administrators have to create accounts for the new users. Basically there is no option for random user to create account and access this app. The admin would have to enter some basic info like First, Last name, Email address, User name and then comes to the password. I have algorithm that generates unique passwords. I'm looking for the better option to handle this situation.
The old application worked this way: admin enters info, generates password and there is an option either to automatically notify users via email or admin will contact directly that user and provide login info. This method seems very inefficient and insecure at the same time. Sending info like user name and password in the email is definitely not recommended nowadays. I was wondering what would be a good approach?
Should I generate unique link with expiration date where user can enter the password? Or there is better way to handle this situation? I use JavaScript, JQuery and ColdFusion 2016 for this project.
I had imported users from my old database, while importing users i had specified a default password for all users.
Now I want to notify users about their login details and want to reset password to a random password.
I want to reset password only for those users, which I created on that date.
How do i do this?
I'm not sure if you can do that with DNN out of the box. I've seen a few options for what you are trying to do:
Create your own DNN Module that could cycle through selected users and reset their password. I actually did this a while ago for a previous company.
Their is a bulk user management Module on the DNN Store which does what you are asking: http://store.dnnsoftware.com/home/product-details/dnnmasters-user-manager-suite-42
I have actually set up and implemented a couple dynamic webpages for my website that involve adding news feeds and other media sources everyday with certain filters.
For right now, only I know the exact address of my admin menu for the CMS, but really anybody could access it right now since it isn't password protected.
I've looked into how to set up a User Authentication Restriction in Adobe's DreamWeaver CS6, but I keep hitting the same bump in the road in trying to do so.
I have my login.php page in front of me, and with the "password" field selected, I click on Server Behaviors > Add a Server Behavior > User Authentication > Login User. But this is where it gets hairy
I have the ability to pull up the database I have been using locally which involves about 4 separate columns (none of which have anything to do with a username/password), but when I go to select from the table which columns are used to verify the "username" and "password" field on my login.php page, there quite simply isn't a corresponding column to select.
I know there must be another way to set up in the database or in a separate database the values for my Logon, but I am not sure where. Anyone have any clue how to set this up so I can create a User Logon for my webpages? I tried granting my username all privileges and giving it a password in phpMyAdmin for this certain database I have been talking about but it did not help in creating the User Login (unless I missed something again in creating this password/granting all privileges).
You have to set your database username up with an index value in your table. It's an option other wise a key icon.
Unique I'd auto increment + username indexed + password varchar+ timestamp timestamp + reference1
I have been looking for the past few hours on how to user the phpBB login script on a custom site. I think I'm just not searching for the right things.
A while ago, I created a phpBB site and have over 900 members registered through phpBB. I am currently face-lifting this site and redoing the user registration along with all of the other custom code I have.
My problem is, I want the users to be able to log in as usual, though I want to input them into my new database so everything can run smoothly. I mainly need their username, password and old ID#, but I don't know how to use phpBB's password authentication or where to find it
The statement needs to look something like this:
On Login, grab username and password variables:
if the username is not in MY database, check phpBB database.
If the username is in phpBB database, check to see if the password is correct **(This is the part I don't know how to do)**
If the password is correct, input the username, user ID and the password (encrypted my way) into MY database
Login
If the password is incorrect - error
if the username is NOT in phpBB database - continue
if the username is not in MY database - input username and encrypted pass into my DB
login
Where can I find a script to authenticate the phpBB user's passwords? I don't care how the script is done, I know that's a secret, I just need to be able to authenticate passwords so that I can make sure it's the same user
I do have access to the phpBB database, I just need a way to authenticate their password
I would rather delete the quesion, but here's the answer:
Check here: http://sunnyis.me/blog/secure-passwords/
and when you download the PasswordHash.php, change all of the $P$ to $H$. It will work. Strange how it creates a password, every time it creates, it's different. But the CHECK part of it makes sure it checks it correctly, no matter what hashed pass it creates.
I'm using Joomla 1.5.22.
I tried to manually insert a new user to the 'site_users' table in the database.
But when i tried to log in with the new user, the page just refresh but doesn't log in.
May i know why is that so?
Sorry as i'm a beginner in programming and Joomla.
To create a new user the best solution is to :
login to the administrator page : http://www.yourwebsiteurl/administrator
then go to user management and create a new user
Don't try to insert a new user with a MySQL request, use the web interface.
Kevin is right.
If you want to add new user, then best way for you to add it from backend.
Actually, Joomla use do not depend only on one table #__user, with each entry of user, there access level are also maintained in some other tables. like core_acl_pro, acl_group etc
Password of user are md5 hashed of password and a random salt.
So its better to create user from backend.
+1 Kevin
Password are hashed when stored in the database. So you cannot store this information without knowning what you do!